Categories: Risk Management
That was great of my old friend, Stanly Raspberry, Private Eye, to convey a story in my last blog, about how useless it was to have risk analyst Myron Tittle tag along with him on his last case, but I’m afraid Stanly’s points were a bit subtle. So, I’ll be a little bit more blatant: much of what is presented as modern risk management is fraudulent, and a complete waste of money and time.
I offer a more thorough debunking of current risk management theory in (Marlin Perkins moment alert!) my new book, Game Theory in Management, Modeling Business Decisions and Their Consequences (http://www.ashgate.com/default.aspx?page=1751&calctitle=1&pageSubject=692&sort=title&pagecount=2&title_id=11616&edition_id=15149), but, for this blog, a couple of well-placed arguments should get the discussion rolling (or roiling). I want to start by picking off that most irksome of risk analysts’ assertions, that “risk management” also includes “opportunity.” Note the gratuitous inclusion of the word in the Project Management Institute’s (PMI®’s) PMBOK Handbook Series on the subject, Project and Program RISK MANAGEMENT, A Guide to Managing Project Risks and Opportunities (PMI Publishing, 1992). The risk management aficionados simply love to claim that their Gaussian curve-based models can somehow quantify how the future will unfold, so, naturally, they simply had to change the definition of “risk” to include the good with the bad. Hence, the coining of the term “upside risk,” and the inclusion of the management of upside risk, or opportunity, in subsequent PMI publications that deal with the subject. Here is a brief list of reference works that exclude any mention of “opportunity,” or, indeed, anything but hazardous or negative events being associated with the word “risk”:
· Webster’s New International Dictionary, Second Edition, Unabridged (this book weighs 16 pounds)
· Webster’s New Collegiate Dictionary, 8th Edition
· The American Heritage Dictionary, 2nd College Edition
· The Oxford English Dictionary (which, incidentally, included the word’s etymology as coming from the Latin phrase “to run into danger.”)
But, let the Project Management Institute issue “guidance”with an utterly re-defined “risk,” and all right-thinking managers must immediately adopt the new version!
Current risk analysis techniques rely to a high degree on the experiences of the project’s experts to provide best-case, worst-case, and most-probable scenarios to serve as the basis for the estimators’ cost baselines and contingency reserves. Take away the statistical analyses, the confidence intervals and Monte Carlo simulations, and this is what you have – not what went before, but what those creating the baselines perceive as what went before. Our internal narratives – including the ones that explain why the past unfolded the way it did – are full of cognitive biases, rendering the strength of our causality analyses far weaker than we believe them to be (hence, quasi-surreal events like the celebration of Groundhog Day). Why would anyone believe that, once we flip these narratives forward across the Time Now line, they can provide a workable structure for how the future will come about? And no amount of Gaussian-curve-based models overlaying these narratives can magically bestow validity to them.
As I discuss in Game Theory in Management, it’s another example of a management information system far outstripping its epistemological boundaries, and its adherents being placed in the position to having to promise to be able to return information concerning the unfolding of future events, which is obviously absurd. Nassim Taleb, in his wonderful work The Black Swan, The Impact of the HIGHLY IMPROBABLE (Random House Trade Paperback Edition, 2010) had these two gems:
· Also, many readers (say, those who work in forecasting or banking) do not often understand that the “actionable step” for them is to simply quit their profession and do something more ethical. (page 334)
· This proves that everything relying on “standard deviations,” “variance,” “least square derivation,” etc. is bogus. (page 355)
And yet, a Google search on the term “risk management” returned over 63 million results (June 17, 2012), many of them organizations that offer to perform risk management services. I find it ironic that when I write about the accuracy and reliability of Earned Value information, I invariably receive comments along the lines of “It’s only a tool! It has little to do with project success!” But, let me cast any dispersions against the, in my opinion, vastly over-sold efficacy of risk management techniques, and the exact opposite happens, and to a significantly higher degree. In my previous gig, writing The Variance Threshold column for PMNetwork magazine, people would write the managing editor demanding my firing for daring to state that the definition of risk had nothing to do with “opportunity.”
So, that being my experience, I believe there to be a high probability of this blog generating some lively discussion – unless, of course, the risk management types, after having read this piece, are willing to concede the argument.
And I find that unlikely.